[Secure-testing-commits] r841 - sarge-checks/CAN
Joey Hess
joeyh@costa.debian.org
Mon, 18 Apr 2005 09:14:22 +0000
Author: joeyh
Date: 2005-04-18 09:14:18 +0000 (Mon, 18 Apr 2005)
New Revision: 841
Modified:
sarge-checks/CAN/list
Log:
automatic CAN database update
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-04-18 07:26:14 UTC (rev 840)
+++ sarge-checks/CAN/list 2005-04-18 09:14:18 UTC (rev 841)
@@ -1,3 +1,91 @@
+CAN-2005-1150 (Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and ...)
+ TODO: check
+CAN-2005-1149 (SQL injection vulnerability in admin/login.asp in aspclick.it ACNews ...)
+ TODO: check
+CAN-2005-1148 (calendar.pl in CalendarScript 3.21 allows remote attackers to obtain ...)
+ TODO: check
+CAN-2005-1147 (calendar.pl in CalendarScript 3.20 allows remote attackers to obtain ...)
+ TODO: check
+CAN-2005-1146 (Cross-site scripting (XSS) vulnerability in the login command in ...)
+ TODO: check
+CAN-2005-1145 (Cross-site scripting (XSS) vulnerability in calendar.pl in ...)
+ TODO: check
+CAN-2005-1144 (popup.php in EasyPHPCalendar allows remote attackers to obtain ...)
+ TODO: check
+CAN-2005-1143 (Cross-site scripting (XSS) vulnerability in index.php in ...)
+ TODO: check
+CAN-2005-1142 (Heap-based buffer overflow in the readpgm function in pnm.c for GOCR ...)
+ TODO: check
+CAN-2005-1141 (Integer overflow in the readpgm function in pnm.c for GOCR 0.40, when ...)
+ TODO: check
+CAN-2005-1140 (Cross-site scripting (XSS) vulnerability in myBloggie 2.1.1 allows ...)
+ TODO: check
+CAN-2005-1139 (Opera 8 Beta 3, when using first-generation vetted digital ...)
+ TODO: check
+CAN-2005-1138 (Unknown vulnerability in WebMail in Kerio MailServer before 6.0.9 ...)
+ TODO: check
+CAN-2005-1137 (Simple PHP Blog (sphpBlog) 0.4.0 allows remote attackers to obtain ...)
+ TODO: check
+CAN-2005-1136 (Simple PHP Blog (sphpBlog) 0.4.0 stores the (1) password.txt and (2) ...)
+ TODO: check
+CAN-2005-1135 (Cross-site scripting (XSS) vulnerability in search.php for Simple PHP ...)
+ TODO: check
+CAN-2005-1134 (SQL injection vulnerability in exit.php for Serendipity 0.8 and ...)
+ TODO: check
+CAN-2005-1133 (The POP3 server in IBM iSeries AS/400 returns different error messages ...)
+ TODO: check
+CAN-2005-1132 (LG U8120 modile phone allows remote attackers to cause a denial of ...)
+ TODO: check
+CAN-2005-1131 (Unknown vulnerability in Veritas i3 Focalpoint Server 7.1 and earlier ...)
+ TODO: check
+CAN-2005-1130 (Cross-site scripting (XSS) vulnerability in index.php in Pinnacle Cart ...)
+ TODO: check
+CAN-2005-1129 (eGroupWare 1.0.6 and earlier, when an e-mail is composed with an ...)
+ TODO: check
+CAN-2005-1128 (Multiple SQL injection vulnerabilities in VHCS 2.4 and earlier allow ...)
+ TODO: check
+CAN-2005-1127 (Format string vulnerability in the log function in Net::Server 0.87 ...)
+ TODO: check
+CAN-2005-1126 (The SIOCGIFCONF ioctl (ifconf function) in FreeBSD 4.x through 4.11 ...)
+ TODO: check
+CAN-2005-1125 (Race condition in libsafe 2.0.16 and earlier, when running in ...)
+ TODO: check
+CAN-2005-1124 (Unknown vulnerability in the libgss Generic Security Services Library ...)
+ TODO: check
+CAN-2005-1123 (Monkey daemon (monkeyd) before 0.9.1 allows remote attackers to cause ...)
+ TODO: check
+CAN-2005-1122 (Format string vulnerability in cgi.c for Monkey daemon (monkeyd) ...)
+ TODO: check
+CAN-2005-1121 (Format string vulnerability in Oops! Proxy Server 1.5.53 and earlier ...)
+ TODO: check
+CAN-2005-1120 (Multiple cross-site scripting (XSS) vulnerabilities in IlohaMail ...)
+ TODO: check
+CAN-2005-1119 (Sudo VISudo 1.6.8 and earlier allows local users to corrupt arbitrary ...)
+ TODO: check
+CAN-2005-1118 (Cross-site scripting (XSS) vulnerability in IISWebAgentIF.dll in the ...)
+ TODO: check
+CAN-2005-1117 (PHP remote code injection vulnerability in index.php in ...)
+ TODO: check
+CAN-2005-1116 (Cross-site scripting (XSS) vulnerability in the Calendar module for ...)
+ TODO: check
+CAN-2005-1115 (Multiple cross-site scripting (XSS) vulnerabilities in Photo Album ...)
+ TODO: check
+CAN-2005-1114 (Multiple SQL injection vulnerabilities in album_search.php in Photo ...)
+ TODO: check
+CAN-2005-1113 (Multiple cross-site scripting (XSS) vulnerabilities in PhpBB Plus 1.52 ...)
+ TODO: check
+CAN-2005-1112 (IBM WebSphere Application Server 6.0 and earlier, when sharing the ...)
+ TODO: check
+CAN-2005-1111 (Race condition in cpio 2.6 and earlier allows local users to modify ...)
+ TODO: check
+CAN-2005-1110 (Stack-based buffer overflow in the RespondeHTTPPendiente function in ...)
+ TODO: check
+CAN-2005-1109 (The filtering of URLs in JunkBuster before 2.0.2-r3 allows remote ...)
+ TODO: check
+CAN-2005-1108 (The ij_untrusted_url function in JunkBuster 2.0.2-r2, with ...)
+ TODO: check
+CAN-2005-1107
+ NOTE: reserved
CAN-2005-XXXX [Multiple further vulnerabilities in Mozilla/Firefox beside CAN-2005-0989]
NOTE: Mozilla suite is not affected by all of these issues
- mozilla-firefox 1.0.3-1
@@ -910,6 +998,7 @@
CAN-2005-0753
NOTE: reserved
CAN-2005-0752 [PLUGINSPAGE privileged javascript execution in Firefox]
+ NOTE: reserved
- mozilla-firefox 1.0.3-1
CAN-2005-0751
NOTE: reserved
@@ -1521,7 +1610,7 @@
TODO: not-for-us (MSIE)
CAN-2005-0552
NOTE: reserved
-CAN-2005-0551 (The Client Server Runtime System (CSRSS) process of Microsoft Windows ...)
+CAN-2005-0551 (Stack-based buffer overflow in WINSRV.DLL in the Client Server Runtime ...)
NOTE: not-for-us (Microsoft)
CAN-2005-0550 (Buffer overflow in Microsoft Windows 2000, Windows XP SP1 and SP2, and ...)
NOTE: not-for-us (Microsoft)
@@ -4222,8 +4311,8 @@
NOTE: not-for-us (Darwin Streaming Server)
CAN-2004-1122 (Safari 1.x to 1.2.4, and possibly other versions, allows inactive ...)
NOTE: not-for-us (Safari)
-CAN-2004-1121
- NOTE: reserved
+CAN-2004-1121 (Apple Safari 1.0 through 1.2.3 allows remote attackers to spoof the ...)
+ TODO: check
CAN-2004-1120 (Mulitple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c ...)
{DSA-663-1}
- prozilla 1:1.3.7.3-1
@@ -4290,24 +4379,24 @@
{DSA-639-1}
CAN-2004-1090 (Midnight commander (mc) 4.5.55 and earlier allows remote attackers to ...)
{DSA-639-1}
-CAN-2004-1089
- NOTE: reserved
-CAN-2004-1088
- NOTE: reserved
-CAN-2004-1087
- NOTE: reserved
-CAN-2004-1086
- NOTE: reserved
-CAN-2004-1085
- NOTE: reserved
-CAN-2004-1084
- NOTE: reserved
-CAN-2004-1083
- NOTE: reserved
+CAN-2004-1089 (Unknown vulnerability in Apple Mac OS X 10.3.6 server, when using ...)
+ TODO: check
+CAN-2004-1088 (Postfix server for Apple Mac OS X 10.3.6, when using CRAM-MD5, allows ...)
+ TODO: check
+CAN-2004-1087 (Terminal for Apple Mac OS X 10.3.6 may indicate that "Secure Keyboard ...)
+ TODO: check
+CAN-2004-1086 (Buffer overflow in PSNormalizer for Apple Mac OS X 10.3.6 allows ...)
+ TODO: check
+CAN-2004-1085 (Human Interface Toolbox (HIToolBox) for Apple Mac 0S X 10.3.6 allows ...)
+ TODO: check
+CAN-2004-1084 (Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to ...)
+ TODO: check
+CAN-2004-1083 (Apache for Apple Mac OS X 10.2.8 and 10.3.6 restricts access to files ...)
+ TODO: check
CAN-2004-1082
NOTE: reserved
-CAN-2004-1081
- NOTE: reserved
+CAN-2004-1081 (The Application Framework (AppKit) for Apple Mac OS X 10.2.8 and ...)
+ TODO: check
CAN-2004-1080 (The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, ...)
NOTE: not-for-us (Microsoft)
CAN-2004-1079 (Buffer overflow in (1) ncplogin and (2) ncpmap in nwclient.c for ncpfs ...)
@@ -4940,10 +5029,10 @@
NOTE: not-for-us (netscape NSS)
CAN-2004-0825 (QuickTime Streaming Server in Mac OS X Server 10.2.8, 10.3.4, and ...)
NOTE: not-for-us (Apple)
-CAN-2004-0824
- NOTE: reserved
-CAN-2004-0823
- NOTE: reserved
+CAN-2004-0824 (PPPDialer for Mac OS X 10.2.8 through 10.3.5 allows local users to ...)
+ TODO: check
+CAN-2004-0823 (OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 ...)
+ TODO: check
CAN-2004-0822 (Buffer overflow in The Core Foundation framework ...)
NOTE: not-for-us (Apple)
CAN-2004-0821 (The CFPlugIn in Core Foundation framework in Mac OS X allows user ...)
@@ -5340,16 +5429,16 @@
{DSA-543-1}
CAN-2004-0642 (Double-free vulnerabilities in the error handling code for ASN.1 ...)
{DSA-543-1}
-CAN-2004-0641
- NOTE: reserved
+CAN-2004-0641 (Thomson SpeedTouch 510 ADSL Router with firmware GV8BAA3.270, and ...)
+ TODO: check
CAN-2004-0640 (Format string vulnerability in the SSL_set_verify function in ...)
{DSA-529}
CAN-2004-0639 (Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail ...)
{DSA-535}
CAN-2004-0638 (Buffer overflow in the KSDWRTB function in the dbms_system package ...)
NOTE: not-for-us (Oracle)
-CAN-2004-0637
- NOTE: reserved
+CAN-2004-0637 (Oracle Database Server 8.1.7.4 through 9.2.0.4 allows local users to ...)
+ TODO: check
CAN-2004-0636 (Buffer overflow in the goaway function in the aim:goaway URI handler ...)
NOTE: not-for-us (AOL Instant Messenger)
CAN-2004-0635 (The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote ...)
@@ -5562,10 +5651,10 @@
- tripwire 2.3.1.2.0-2.1
CAN-2004-0535 (The e1000 driver for Linux kernel 2.4.26 and earlier does not properly ...)
NOTE: fixed in 2.4.27
-CAN-2004-0534
- NOTE: reserved
-CAN-2004-0533
- NOTE: reserved
+CAN-2004-0534 (Cross-site scripting (XSS) vulnerability in Business Objects InfoView ...)
+ TODO: check
+CAN-2004-0533 (Business Objects WebIntelligence 2.7.0 through 2.7.4 only enforces ...)
+ TODO: check
CAN-2004-0532
NOTE: reserved
CAN-2004-0531
@@ -5872,8 +5961,8 @@
- apache 1.3.31-2
CAN-2004-0391 (Cisco Wireless LAN Solution Engine (WLSE) 2.0 through 2.5 and Hosting ...)
NOTE: not-for-us (Cisco Wireless LAN Solution Engine)
-CAN-2004-0390
- NOTE: reserved
+CAN-2004-0390 (SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style ...)
+ TODO: check
CAN-2004-0389 (RealNetworks Helix Universal Server 9.0.1 and 9.0.2 allows remote ...)
NOTE: not-for-us (RealNetworks Helix Universal Server)
CAN-2004-0388 (The mysqld_multi script in MySQL allows local users to overwrite ...)
@@ -5914,8 +6003,8 @@
{DSA-476}
CAN-2004-0370 (The setsockopt call in the KAME Project IPv6 implementation, as used ...)
NOTE: not-for-us (KAME)
-CAN-2004-0369
- NOTE: reserved
+CAN-2004-0369 (Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec ...)
+ TODO: check
CAN-2004-0368 (Double-free vulnerability in dtlogin in CDE on Solaris, HP-UX, and ...)
NOTE: not-for-us (CDE)
CAN-2004-0367 (Ethereal 0.10.1 to 0.10.2 allows remote attackers to cause a denial of ...)
@@ -6414,8 +6503,8 @@
NOTE: not-for-us (Safari)
CAN-2004-0091 (Cross-site scripting (XSS) vulnerability in register.php for unknown ...)
NOTE: not-for-us (vBulletin)
-CAN-2004-0090
- NOTE: reserved
+CAN-2004-0090 (Unknown vulnerability in Windows File Sharing for Mac OS X 10.1.5 ...)
+ TODO: check
CAN-2004-0088 (The System Configuration subsystem in Mac OS 10.2.8 allows local users ...)
NOTE: not-for-us (MacOS)
CAN-2004-0087 (The System Configuration subsystem in Mac OS 10.2.8 and 10.3.2 allows ...)
@@ -6661,8 +6750,8 @@
NOTE: not-for-us (Apple)
CAN-2003-1006 (Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 ...)
NOTE: not-for-us (Apple)
-CAN-2003-1005
- NOTE: reserved
+CAN-2003-1005 (The PKI functionality in Mac OS X 10.2.8 and 10.3.2 allows remote ...)
+ TODO: check
CAN-2003-1004 (Cisco PIX firewall 6.2.x through 6.2.3, when configured as a VPN ...)
NOTE: not-for-us (Cisco)
CAN-2003-1003 (Cisco PIX firewall 5.x.x, and 6.3.1 and earlier, allows remote ...)
@@ -6762,8 +6851,8 @@
NOTE: reserved
CAN-2003-0955 (OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of ...)
NOTE: not-for-us (OpenBSD)
-CAN-2003-0954
- NOTE: reserved
+CAN-2003-0954 (Buffer overflow in rcp for AIX 4.3.3, 5.1 and 5.2 allows local users ...)
+ TODO: check
CAN-2003-0953
NOTE: reserved
CAN-2003-0952
@@ -6866,8 +6955,8 @@
{DSA-402}
CAN-2003-0901 (Buffer overflow in to_ascii for PostgreSQL 7.2.x, and 7.3.x before ...)
{DSA-397}
-CAN-2003-0900
- NOTE: reserved
+CAN-2003-0900 (Perl 5.8.1 on Fedora Core does not properly initialize the random ...)
+ TODO: check
CAN-2003-0899 (Buffer overflow in defang in libhttpd.c for thttpd 2.21 to 2.23b1 ...)
{DSA-396}
CAN-2003-0898 (IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, ...)
@@ -7101,8 +7190,8 @@
- gdm 2.4.4.4
CAN-2003-0792 (Fetchmail 6.2.4 and earlier does not properly allocate memory for long ...)
- fetchmail 6.2.5
-CAN-2003-0791
- NOTE: reserved
+CAN-2003-0791 (The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and ...)
+ TODO: check
CAN-2003-0790
NOTE: rejected
CAN-2003-0789 (mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not ...)
@@ -7291,8 +7380,7 @@
NOTE: fixed in 2.4.22-pre3
CAN-2003-0699 (The C-Media PCI sound driver in Linux before 2.4.21 does not use the ...)
NOTE: fixed in 2.4.21-rc2
-CAN-2003-0698
- NOTE: reserved
+CAN-2003-0698 (Buffer overflow in Exim before 4.21 allows remote attackers to cause a ...)
- exim 3.36-8
CAN-2003-0697 (Format string vulnerability in lpd in the bos.rte.printers fileset for ...)
NOTE: not-for-us (AIX)
@@ -7396,10 +7484,9 @@
NOTE: not-for-us (ActiveX)
CAN-2003-0645 (man-db 2.3.12 and 2.3.18 to 2.4.1 uses certain user-controlled DEFINE ...)
{DSA-364}
-CAN-2003-0644
- NOTE: reserved
-CAN-2003-0643
- NOTE: reserved
+CAN-2003-0644 (Kdbg 1.1.0 through 1.2.8 does not check permissions of the .kdbgrc ...)
+ TODO: check
+CAN-2003-0643 (Integer signedness error in the Linux Socket Filter implementation ...)
{DSA-358}
NOTE: fixed in 2.4.22-pre10 (Introduced in 2.4.3-pre3)
CAN-2003-0642 (WatchGuard ServerLock for Windows 2000 before SL 2.0.4 allows local ...)
@@ -7432,10 +7519,10 @@
NOTE: not-for-us (peoplesoft)
CAN-2003-0628 (PeopleSoft Gateway Administration servlet (gateway.administration) in ...)
NOTE: not-for-us (peoplesoft)
-CAN-2003-0627
- NOTE: reserved
-CAN-2003-0626
- NOTE: reserved
+CAN-2003-0627 (psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote ...)
+ TODO: check
+CAN-2003-0626 (psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote ...)
+ TODO: check
CAN-2003-0625 (Off-by-one error in certain versions of xfstt allows remote attackers ...)
{DSA-360}
CAN-2003-0624 (Cross-site scripting (XSS) vulnerability in InteractiveQuery.jsp for ...)
@@ -7873,8 +7960,8 @@
NOTE: not-for-us (Apple)
CAN-2003-0421 (Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote ...)
NOTE: not-for-us (Apple)
-CAN-2003-0420
- NOTE: reserved
+CAN-2003-0420 (Information leak in dsimportexport for Apple Macintosh OS X Server ...)
+ TODO: check
CAN-2003-0419 (SMC Networks Barricade Wireless Cable/DSL Broadband Router SMC7004VWBR ...)
NOTE: not-for-us (SMC)
CAN-2003-0418 (The Linux 2.0 kernel IP stack does not properly calculate the size of ...)
@@ -7987,8 +8074,8 @@
NOTE: not-for-us (ICQLite)
CAN-2003-0364 (The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows ...)
{DSA-442 DSA-336 DSA-332 DSA-311}
-CAN-2003-0363
- NOTE: reserved
+CAN-2003-0363 (Format string vulnerability in LICQ 1.2.6, 1.0.3 and possibly other ...)
+ TODO: check
CAN-2003-0362 (Buffer overflow in gPS before 0.10.2 may allow local users to cause a ...)
{DSA-307}
CAN-2003-0361 (gPS before 1.1.0 does not properly follow the rgpsp connection source ...)
@@ -8558,8 +8645,8 @@
{DSA-496}
CAN-2003-0063
{DSA-380}
-CAN-2003-0061
- NOTE: reserved
+CAN-2003-0061 (Buffer overflow in passwd for HP UX B.10.20 allows local users to ...)
+ TODO: check
CAN-2003-0060 (Format string vulnerabilities in the logging routines for MIT Kerberos ...)
- krb5 1.2.4
CAN-2003-0057 (Multiple buffer overflows in Hypermail 2 before 2.1.6 allows remote ...)
@@ -8975,7 +9062,7 @@
{DSA-232}
- cupsys 1.1.18-1
CAN-2002-1370
- NOTE: reserved
+ NOTE: rejected
CAN-2002-1369
{DSA-232}
- cupsys 1.1.18-1
@@ -9012,14 +9099,14 @@
- ethereal 0.9.8-1
CAN-2002-1355 (Multiple integer signedness errors in the BGP dissector in Ethereal ...)
- ethereal 0.9.8-1
-CAN-2002-1354
- NOTE: reserved
-CAN-2002-1353
- NOTE: reserved
+CAN-2002-1354 (Directory traversal vulnerability in TYPSoft FTP Server 0.99.8 allows ...)
+ TODO: check
+CAN-2002-1353 (LocalWEB2000 HTTP server 2.1.0 stores passwords in plain text under ...)
+ TODO: check
CAN-2002-1352 (Per Magne Knutsen's CartMan shopping cart (cartman.php) 1.04 and ...)
NOTE: not-for-us (CartMan)
-CAN-2002-1351
- NOTE: reserved
+CAN-2002-1351 (Buffer overflow in Melange Chat System 1.10 allows remote attackers to ...)
+ TODO: check
CAN-2002-1350
{DSA-206}
- tcpdump 3.6.2-2.2
@@ -9093,8 +9180,8 @@
CAN-2002-1313
{DSA-198}
- nullmailer 1.00RC5-17
-CAN-2002-1312
- NOTE: reserved
+CAN-2002-1312 (Buffer overflow in the Web management interface in Linksys BEFW11S4 ...)
+ TODO: check
CAN-2002-1311
{DSA-197}
- courier 0.40.0-1
@@ -9154,8 +9241,8 @@
{DSA-204}
CAN-2002-1281 (Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of ...)
{DSA-204}
-CAN-2002-1280
- NOTE: reserved
+CAN-2002-1280 (Memory leak in RealSecure Event Collector 6.5 allows attackers to ...)
+ TODO: check
CAN-2002-1279 (Multiple buffer overflows in conf.c for Masqmail 0.1.x before 0.1.17, ...)
{DSA-194}
CAN-2002-1277
@@ -11086,14 +11173,10 @@
CAN-2001-0171 (Buffer overflow in SlimServe HTTPd 1.0 allows remote attackers to ...)
CAN-2001-0168 (Buffer overflow in AT&T WinVNC (Virtual Network Computing) server ...)
CAN-2001-0167 (Buffer overflow in AT&T WinVNC (Virtual Network Computing) client ...)
-CAN-2001-0163
- NOTE: reserved
-CAN-2001-0162
- NOTE: reserved
-CAN-2001-0161
- NOTE: reserved
-CAN-2001-0160
- NOTE: reserved
+CAN-2001-0163 (Cisco AP340 base station produces predictable TCP Initial Sequence ...)
+CAN-2001-0162 (WinCE 3.0.9348 generates predictable TCP Initial Sequence Numbers ...)
+CAN-2001-0161 (Cisco 340-series Aironet access point using firmware 11.01 does not ...)
+CAN-2001-0160 (Lucent/ORiNOCO WaveLAN cards generate predictable Initialization ...)
CAN-2001-0159
NOTE: reserved
CAN-2001-0158